Interactive voice response (IVR) systems are used primarily to interface with callers accessing a point of service or point of routing in a communications network environment, typically a telephone environment. Modern IVR systems enable a caller to make specific menu selections by pushing a button on duel tone multi-frequency (DTMF) enabled telephones. Most modern telephones use the DTMF system. More recently, IVR systems have been improved to include voice recognition capability. Voice recognition at an IVR system often is made available in conjunction with standard DTMF pushbutton selection options.
A user may use a telephonic device to call a number that connects the user to an interactive voice response system. The interactive voice response system provides pre-recorded voice and audio information to the user and processes voice information received from the user. The telephonic device used by the user may be an intelligent telephonic device that includes a display for displaying visual information to the user, and a processor for processing multimedia information. In some cases, the interactive voice response system can interact with the intelligent telephonic device using voice, video, image or textual information. Dual mode (voice and DTMF) IVR systems/routines attempt to recognize the human voice by default, but will also accept a tone for menu selection. The menu typically prompts a user to say a particular word or phrase, or to enter an equivalent value by depressing a key on the communications device.
In a general, multi-modal interaction with a telephonic device using a call handling system is enabled by receiving a call at an interactive voice response (IVR) system of the call handling system, the call being received from a telephonic device of a caller. A voice communications session between the IVR and the telephonic device is established in response to the call. To configure the call handling system to exchange multi-modal communications with the telephonic device, a data communications session between an application server associated with the call handling system and the telephonic device is established for communication of data during the call and the IVR is enabled to execute content of one or more voice pages to exchange voice information with the caller via the voice communications session. Also, the application server associated with the call handling system is enabled to execute contents of one or more multimedia pages linked to the one or more voice pages to communicate text, image or video information to the caller via the data communications session.
IVR systems are used in a variety of applications. For example, purchasing and financial transactions, medical, health and insurance transactions, and other transactions, in which private or sensitive information and data are conveyed via voice and/or DTMF enabled telephones in order to accomplish and complete the transaction. However, such private or sensitive information of the users of the IVR systems is prone to data breach. For example, such information may be captured in recording, appear in log files that can be improperly accessed, or be audible via a listening device or person.
In fact, there has been many massive data breaches recently that have captured national attention and exposed the private data of millions of users and consumers. Most data breaches involve overexposed and vulnerable unstructured data files, documents, and sensitive information, which may include audible information. In such data breaches, sensitive, protected or confidential data is copied, transmitted, viewed, listened to, stolen or used by individuals unauthorized to do so. Moreover, the departure of a trusted staff member with (unnecessary) access to sensitive information can become a data breach if the staff member improperly discloses or uses such data. In distributed systems, this can also occur with a breakdown in or hack of any component of the system.
Most such incidents publicized in the media involve private information on individuals, i.e. social security numbers, etc. However, in most cases, loss of corporate information such as trade secrets, sensitive corporate information, details of contracts, etc. or of government information is frequently unreported.
Automatic Communication Distribution (ACD) has been typically performed on premises in a contact center environment. With the advent of cloud-based computing, ACD processing is being moved off premises and into the cloud. ACD processing for a cloud related product is usually performed completely in the cloud, where the cloud related product can perform sophisticated matching, such as on skills with routing of communications. Security and privacy problems also arise in the cloud service, where the cloud may be exposed to hacking and unauthorized access.
Accordingly, there is a need for a system and method that substantially improve security and privacy of sensitive information for the conventional IVR systems.